September 22nd, 2008, 04:22 PM
Encryption and Forensics in the UK
Looks like computer crimes investigators have some legal tricks (and some below-the-radar techs) at their disposal to help them tip the scales in their favor...
BCS Computer Forensics - Sun Blogs
I did raise the question of how do they deal with encrypted file systems. There are 2 ways:- One is a bit of legislation which requires the accused to give up the password or be liable to a sentence of up to 2 years. The other is they take the disk to some shady government people with an office on the banks of the Thames in London and they just get the data back, no questions asked.
I did wonder if the technology such as the forth coming ZFS encryption would make their life harder, but they often take an disk image of the system before it is powered off and removed. The other point they made is that all but the most organised criminals are not computer literate enough and make enough mistakes to make acquiring forensics evidence possible. They deal quite happily today with Bitlocker, in most cases as the password used to encrypt data is the same as the password used to log in.
September 25th, 2008, 05:24 AM
It's pretty interesting that in the UK you can face jail time for not revealing a password. In the United States it has recently been ruled that being forced to reveal memorized information, such as passwords, is in violation of the 5th Amendment, as it is considered to be self incrimination.
September 25th, 2008, 10:27 AM
Thats quite cool.
I wonder what the law is here in Sa concerning giving up passwords to encrypted systems.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
By Negative in forum Other Tutorials Forum
Last Post: April 23rd, 2010, 05:33 AM
By Soda_Popinsky in forum Computer Forensics
Last Post: September 2nd, 2005, 05:51 AM
By emo in forum Computer Forensics
Last Post: April 18th, 2005, 08:43 AM
By andrewsco in forum Computer Forensics
Last Post: March 27th, 2005, 03:23 PM
By xmaddness in forum Miscellaneous Security Discussions
Last Post: October 23rd, 2002, 10:48 PM